Hacking BPQ32 - Windows Remote Code Execution Exploit Alert

This is a video to accompany a write-up I did regarding several vulnerabilities present in the windows version of BPQ32, a popular packet radio BBS software. The vulnerability, CVE-2024-34087 is in reference to a SEH based buffer overflow that leads to an RCE (Remote Code Execution). The video details the proof of concept published on my blog, and shows how any windows computer running bpq32 that has exposed telnet or HTTP ports can be used to gain control of the computer.

The write up can be found here: https://themodernham.com/bbs-hacking-discovering-rce-within-bpq32-seh-based-buffer-overflow/

Link to the NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2024-34087

How to Secure your BPQ32 Instance: https://themodernham.com/how-to-secure-your-packet-bbs-bpq32-or-linbpq-instance/

Beta (Patch) Downloads: https://www.cantab.net/users/john.wiseman/Downloads/Beta/

This video is for educational purposes, and was made to bring awareness to security problems affecting the amateur radio community. Thank you to John Wiseman, creator of BPQ32 for being attentive to the problem.

00:00 Intro 01:10 Disclosure 2:26 Patching 04:00 Warnings 08:20 Exploit Setup 12:05 Exploit Explanation 14:40 POC Walkthrough 18:50 Demonstration 22:10 How to Protect Yourself 29:20 Outro

★★★ IMPORTANT LINKS★★★ ✅Follow My Instagram https://www.instagram.com/modernham/ ✅Follow My Twitter https://twitter.com/HamModern

⚡ Join the ModernHams Discord: ⚡ https://discord.gg/EbP9dTMrTU ... https://www.youtube.com/watch?v=mqGkSTViIDY